Errors

[cgkh]

Hi Sami,

Tks for all the hard work.

Just installed your script on a Debian 9 VPS.

Logged in as root

Ran -

root@xxxx:/home/nShield# python nshield-main.py

and I am getting the following error

"Setting up Basic DDoS Protection sysctl: permission denied on key 'net.netfilter.nf_conntrack_tcp_loose' sh: 1: cannot create /sys/module/nf_conntrack/parameters/hashsize: Directory nonexistent"

Any idea what I'm doing wrong?

Thanks

[fnzv]

Hello @cgkh, Try running these commands manually on the shell: /sbin/sysctl -w net/netfilter/nf_conntrack_tcp_loose=0

echo 1000000 > /sys/module/nf_conntrack/parameters/hashsize && /sbin/sysctl -w net/netfilter/nf_conntrack_max=2000000 && /sbin/sysctl -w net.ipv4.tcp_syn_retries=2 && /sbin/sysctl -w net.ipv4.tcp_rfc1337=1 && /sbin/sysctl -w net.ipv4.tcp_synack_retries=1

If it gives the same error try again with 'sudo' in front of the command and tell me what happens. Seems a permission issue, i have tested it on a clean Debian 9 server image and i couldn't replicate the error.

[cgkh]

Sami,

Thanks so much for the quick response and advice.

I ran the scripts as requested as root and got the errors as shown in the attached text file and screenshot error_1.txt ...

If you have any more ideas, I'd be very grateful.

Many Thanks

Chris

[fnzv]

Hello @cgkh , I tested it many times on a clean Debian 9 (Debian GNU/Linux 9 stretch - Kernel 4.9.0-4-amd64) and i cannot replicate the issue with the system commands. If you want you can comment out the os.popen running these commands

[alessiosavi]

Is there a possibility that the VPS hosting service use some product like XenServer that disable the possibility to use that commands ?

[fnzv]

Hello, Could you sent me the error so i can replicate it? The script doesn't require a specific virtualization layer and so should work also on a XenServer vps.. What kind of operative system are you using?

Sami

Il lun 20 nov 2017 21:26 alessiosavi notifications@github.com ha scritto:

Is there a possibility that the VPS hosting service use some product like XenServer that disable the possibility to use that commands ?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/fnzv/net-Shield/issues/4#issuecomment-345820836, or mute the thread https://github.com/notifications/unsubscribe-auth/APEfqKh12ODONX6J_OOSNOJFehOeffEeks5s4eBdgaJpZM4QOVCS .